An exposure management business, Tenable Holdings Inc. (NASDAQ: TENB) surges around 4% in early trading session on Tuesday as the firm announced the launch of its new Tenable Research Alliance Program to exchange vulnerability information prior to public publication. The goal of this new information sharing project is to shorten the window of opportunity for threat actors to exploit newly reported vulnerabilities, allowing security teams and system administrators to address attack vectors before hackers can use them. The five founding members of this developing network are AlmaLinux, Canonical, CIQ, GreyNoise, and TuxCare .
Organizations are in a race against cyber attackers when a new vulnerability is exposed. Those in charge of securing the organization must work to determine whether the flaw exists within their infrastructure, assess the risk it poses by identifying the attack paths it introduces, and prioritize the weaknesses that pose the greatest threat before either updating the software where a patch is available or taking mitigating action if this is not immediately feasible. This takes time and exposes the organization. Threat actors will be looking for the weakness and devising ways to weaponize it at the same time.
Establishing a framework for a network of technology partners to share vulnerability details in accordance with CVD best practices increases the likelihood that software scripts (plugins) that detect instances of the flaw can be developed, tested, and deployed in time for public disclosure announcements. This allows enterprises to examine and fix their surroundings from the beginning. This implies that personnel in charge of vulnerability management are not only equipped with the same intelligence as threat actors, but are also prepared to take action to detect and repair problems before an attacker can exploit them.
Tenable’s chief security officer and head of research, Robert Huber, notes that anytime a vulnerability is published, the dinner bell rings for both good and bad actors, implying that enterprises are already on the defensive. They are aware that threat actors are following disclosure programs in the same manner that they are, looking for freshly revealed vulnerabilities and examining all available material such as proof of concepts, but they want to exploit the issue. By providing their clients with the means to correct these vulnerabilities when they are publicly disclosed, they close the intelligence gap and return the edge to the good guys.